<?php
//$_GET['id'] //node_id
//$_GET['type']={question|request}
//$_GET['level']={view|modify|add|delete|super}
//以及
//question:
//  $_POST['q_' . $q_id]
//request:
//  $_POST['reason']

	include 'include/function.php';
	include_once 'include/form.php';
	
function check_answer($got,$answer) {
	if($got!=','&&stristr($answer,"'$got'"))return 1;
	else return 0;
}
	
	need_login();
	if(!(isset($_GET['id'])&&isset($_GET['type'])&&isset($_GET['level'])))redirect('./');
	
	$RP_nodeid	=get_to_mysql($_GET['id']);
	$RP_type	=get_to_mysql($_GET['type']);
	$RP_level	=get_to_mysql($_GET['level']);
	
	//check if user already got the permission
	$RP_perm	=permission_node($_user_id,$RP_nodeid);
	if(isset($RP_perm[0]) && strstr($RP_perm[0],$RP_level))redirect_error('You have already got the permission');
	if($RP_perm[1]!=$RP_nodeid)redirect("request_permission.php?id={$RP_perm[1]}&type=$RP_type&level=$RP_level");

	if($RP_type=='question') {
		//获取题目列表
		$query="select * from question where node_id=$RP_nodeid and level='$RP_level' ";
		$ret=oj_query($query);
		$i=0;
		while($row=mysql_fetch_assoc($ret)) {
			$question_list[$i]=$row;
			$i++;
		}
		//不存在则改为request方式进行申请
		if($i==0)$RP_type='request';
		else {
			//检查提交的答案
			$question_count=$i;
			$i=0;
			$question_answers='question:';
			while($i<$question_count) {
				$question_now_id=$question_list[$i]['question_id'];
				if(!isset($_POST['q_' . $question_now_id]))break;
				$question_now_ans=$_POST['q_' . $question_now_id];
				$question_answers=$question_answers . "\nq_$question_now_id:$question_now_ans";
				if(!check_answer(stripslashes($question_now_ans),$question_list[$i]['answer'])) {
					$question_WA=1;
				}
				$i++;
			}
			if($i==$question_count) {
				$question_answers=get_to_mysql($question_answers);
				if(isset($question_WA)) {
					//不合格
					$query='insert into request_permit (node_id, user_id, level, reason, submit_time, state) '
						. "values ($RP_nodeid, $_user_id, '$RP_level', '$question_answers', now(), 'deny') ";
					$ret=oj_query($query);
					$RP_message='You did not passed the test, learn more and try again later.';
				} else {
					//合格
					$query='insert into request_permit (node_id, user_id, level, reason, submit_time, state) '
						. "values ($RP_nodeid, $_user_id, '$RP_level', '$question_answers', now(), 'accept') ";
					$ret=oj_query($query);
					permission_give($RP_nodeid,$_user_id,$RP_level);
					redirect("shownode.php?id=$RP_nodeid");
				}
			}
		}
	} else {
		//request
		if(isset($_POST['reason'])) {
			$RP_reason=get_to_mysql($_POST['reason']);
			$query='insert into request_permit (node_id, user_id, level, reason, submit_time) '
				. "values ($RP_nodeid, $_user_id, '$RP_level', '$RP_reason', now()) ";
			$ret=oj_query($query);
			$RP_message='Submit success';
		}
	}
	
	$page_title=$site_title . ' - ' . _d('title_request_permission');
	include 'include/header.php';
	
	if(isset($RP_message))echo "<center><font color=blue>$RP_message</font></center>";
	if($RP_type=='question') {
		//question
		echo "<form method=post action='request_permission.php?id=$RP_nodeid&type=$RP_type&level=$RP_level'>";
		draw_tablelist_head(array(array(_d('rp_question'),'width="75%"'),_d('rp_answer')));
			$i=0;
			while($i<$question_count) {
				echo '<tr>';
					echo "<td>{$question_list[$i]['question']}</td>";
					echo "<td><input name='q_{$question_list[$i]['question_id']}' /></td>";
				echo '</tr>';
				$i++;
			}
			echo '<tr><td colspan=2>';
				echo '<center><input type="submit" name="submit" value="' . _d('rp_submit') . '"/></center>';
			echo '</td></tr>';
			echo '<tr><td colspan=2>';
				echo 'If you\'d like to send request by yourself, ';
				echo "<a href='request_permission.php?id=$RP_nodeid&type=request&level=$RP_level'>click here</a>.";
			echo '</td></tr>';
		echo '</table>';
		echo '</form>';
	} else {
		//request
		draw_simple_form('post',"request_permission.php?id=$RP_nodeid&type=$RP_type&level=$RP_level",array(),
		array(
			'node'=>array('html',_d('rp_node'),"<a href='shownode.php?id=$RP_nodeid'>$RP_nodeid</a>"),
			'level'=>array('html',_d('rp_level'),$RP_level),
			'reason'=>array('textarea',_d('rp_reason')),
			'submit'=>array('submit','',_d('rp_submit'))
		));
	}

	include 'include/footer.php';
?>

